Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/jyZYPAHA5lXHBc2FhmhxMKhH3fk.roa
File: jyZYPAHA5lXHBc2FhmhxMKhH3fk.roa (raw, json)
Hash identifier: D6JzP8ijtxtxtK41OdudjqSiPlkNrmMCfKuCnIT4i8E=
Subject key identifier: 8F:26:58:3C:01:C0:E6:55:C7:05:CD:85:86:68:71:30:A8:47:DD:F9
Certificate issuer: /CN=d8672105752b982174d1040c103817570b8d34d6
Certificate serial: 01856DDD3D7BC57CF28A837CE143E1D02E42
Authority key identifier: D8:67:21:05:75:2B:98:21:74:D1:04:0C:10:38:17:57:0B:8D:34:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/jyZYPAHA5lXHBc2FhmhxMKhH3fk.roa
Signing time: Sun 01 Jan 2023 15:04:53 +0000
ROA not before: Sun 01 Jan 2023 15:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50489
IP address blocks: 185.35.68.0/22 maxlen: 24
192.153.60.0/22 maxlen: 24
91.240.47.0/24 maxlen: 24
2a0c:c640::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:3d:7b:c5:7c:f2:8a:83:7c:e1:43:e1:d0:2e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8672105752b982174d1040c103817570b8d34d6
Validity
Not Before: Jan 1 15:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f26583c01c0e655c705cd8586687130a847ddf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d5:98:90:a6:0e:a4:61:06:e4:d1:21:c7:b0:
0a:c6:26:7d:17:72:10:2e:ed:04:1a:f9:3f:9c:f4:
d2:4a:29:10:92:e5:b6:f3:b1:a3:20:b8:5d:7a:7b:
44:38:d8:2d:e0:1e:60:a9:da:36:a3:3a:7a:57:f4:
f4:30:5b:d5:47:21:f2:0d:93:d4:d7:bc:77:74:80:
7f:ab:89:ff:83:b3:dd:24:79:7d:19:11:d1:f0:24:
b1:8d:e7:dc:da:39:b2:13:0a:c8:eb:67:6e:49:ab:
d3:b1:11:20:50:21:84:a8:85:4a:86:09:65:55:a6:
cc:fd:86:b2:b3:91:19:43:d0:04:d7:c0:55:8d:e3:
3a:51:bd:c3:6c:e7:13:ca:69:50:69:23:0b:e7:23:
fc:eb:11:78:63:7e:77:a6:6c:1e:09:12:7e:5a:96:
9f:d7:f6:c8:ee:63:be:35:74:fe:1f:03:19:13:47:
8b:d8:2b:66:a4:ca:88:ee:32:1e:36:d2:7a:3d:2b:
91:f9:c5:1f:bd:6c:cb:63:44:2d:e7:73:61:ea:39:
53:3b:fe:0f:3d:24:42:4d:70:93:3d:43:7c:77:75:
c7:b4:24:86:1a:c0:05:45:38:fa:99:52:4b:4f:b4:
9b:86:9a:86:c6:23:c0:80:24:73:54:4a:e4:9c:7d:
b1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:26:58:3C:01:C0:E6:55:C7:05:CD:85:86:68:71:30:A8:47:DD:F9
X509v3 Authority Key Identifier:
keyid:D8:67:21:05:75:2B:98:21:74:D1:04:0C:10:38:17:57:0B:8D:34:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/jyZYPAHA5lXHBc2FhmhxMKhH3fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/2GchBXUrmCF00QQMEDgXVwuNNNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.47.0/24
185.35.68.0/22
192.153.60.0/22
IPv6:
2a0c:c640::/29
Signature Algorithm: sha256WithRSAEncryption
3b:2d:ca:64:dd:a9:23:b3:b9:08:79:2d:c0:4d:49:c1:1b:74:
1a:7b:fd:2c:77:e8:db:27:0c:d8:ae:0f:f7:26:5c:02:76:35:
2e:7a:dc:dd:2f:1d:fc:47:2c:2b:41:0e:50:05:32:1e:ad:aa:
7d:71:eb:fd:36:3e:ab:f6:ed:9b:37:a5:5f:56:39:fe:33:d9:
0b:05:8d:42:92:22:8e:3a:cf:c1:87:8e:b7:70:c1:7a:a9:1d:
bd:f2:4e:1d:33:c2:f9:f1:e4:f4:2b:26:67:2c:02:c2:85:09:
65:79:ba:f9:da:1b:cb:ab:a5:ef:f3:39:23:3b:75:7b:68:1b:
fc:88:e6:04:77:84:f1:50:78:18:ca:e3:3a:0d:52:e2:74:90:
d8:01:84:c6:be:9d:47:2a:89:32:b9:97:85:2b:3b:14:30:3c:
d5:f4:2c:4e:26:46:8c:4b:61:47:34:6b:75:91:c8:db:db:cc:
a2:eb:dc:94:44:a7:eb:68:88:79:55:26:f4:78:de:d0:9d:9b:
68:8b:69:99:6b:f6:12:5c:18:08:8d:fe:52:e7:c1:3d:e2:0d:
34:4c:43:96:d1:a0:af:0e:da:37:08:15:fb:60:5e:c3:9f:ca:
37:43:20:26:6b:68:3f:21:d8:44:dc:1f:4f:92:99:fd:f6:e8:
04:1a:0b:e9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVt3T17xXzyioN84UPh0C5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcyMTA1NzUyYjk4MjE3NGQxMDQwYzEwMzgxNzU3MGI4
ZDM0ZDYwHhcNMjMwMTAxMTUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjI2NTgzYzAxYzBlNjU1YzcwNWNkODU4NjY4NzEzMGE4NDdkZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktWYkKYOpGEG5NEhx7AKxiZ9F3IQ
Lu0EGvk/nPTSSikQkuW287GjILhdentEONgt4B5gqdo2ozp6V/T0MFvVRyHyDZPU
17x3dIB/q4n/g7PdJHl9GRHR8CSxjefc2jmyEwrI62duSavTsREgUCGEqIVKhgll
VabM/Yays5EZQ9AE18BVjeM6Ub3DbOcTymlQaSML5yP86xF4Y353pmweCRJ+Wpaf
1/bI7mO+NXT+HwMZE0eL2CtmpMqI7jIeNtJ6PSuR+cUfvWzLY0Qt53Nh6jlTO/4P
PSRCTXCTPUN8d3XHtCSGGsAFRTj6mVJLT7SbhpqGxiPAgCRzVErknH2xswIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI8mWDwBwOZVxwXNhYZocTCoR935MB8GA1UdIwQY
MBaAFNhnIQV1K5ghdNEEDBA4F1cLjTTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjaEJYVXJtQ0YwMFFRTUVEZ1hWd3VOTk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNzMyZjQtYmU4NC00MjliLWExOGUt
MTUxOGE3MzNmOTcwLzEvanlaWVBBSEE1bFhIQmMyRmhtaHhNS2hIM2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNzMyZjQtYmU4NC00MjliLWExOGUtMTUxOGE3MzNmOTcw
LzEvMkdjaEJYVXJtQ0YwMFFRTUVEZ1hWd3VOTk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW/AvAwQC
uSNEAwQCwJk8MA0EAgACMAcDBQMqDMZAMA0GCSqGSIb3DQEBCwUAA4IBAQA7Lcpk
3akjs7kIeS3ATUnBG3Qae/0sd+jbJwzYrg/3JlwCdjUuetzdLx38RywrQQ5QBTIe
rap9cev9Nj6r9u2bN6VfVjn+M9kLBY1CkiKOOs/Bh463cMF6qR298k4dM8L58eT0
KyZnLALChQllebr52hvLq6Xv8zkjO3V7aBv8iOYEd4TxUHgYyuM6DVLidJDYAYTG
vp1HKokyuZeFKzsUMDzV9CxOJkaMS2FHNGt1kcjb28yi69yURKfraIh5VSb0eN7Q
nZtoi2mZa/YSXBgIjf5S58E94g00TEOW0aCvDto3CBX7YF7Dn8o3QyAma2g/IdhE
3B9Pkpn99ugEGgvp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:38 2024 by rpki-client on console-fra.rpki-client.org